-
Notifications
You must be signed in to change notification settings - Fork 54
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add guidance and conclusions to top of fuzz-introspector report #46
Comments
This is also to be used in guidance, i.e. on whether some fuzz targets should be explored for blockers. Ref: #46
Split generation of HTML report into smaller components. This makes it make flexibly, which will be used for generating HTML content at the top of the HTML report that is based on analysis done at the end of the generation, e.g. showing conclusions and guidance that is based on results from the end of the analysis but the HTML content of the guidance will be shown at the top of the report. Ref: #46
Modularise the conclusions are created and displayed. The key idea is to let analyses simply add conclusiones themselves and expect it to be shown in the report. Ref: #46
Is there any work remaining here? |
We have conclusions added now and they look good I recon. However, we should re-iterate over the language in the conclusions and also refine the actual conclusions (what we consider good, how we phrase "this could be improved" and things of this nature). I left this issue open for these purposes. |
The current ones LGTM for v1. So removing the milestone. |
Closed by #416 |
Currently the fuzz-introspector report is focused around displaying a lot of data, but we don't provide a ton of conclusions about the health of the fuzzing of a project.
It would be nice to create some simple conclusions that are easily digestible by a developer, e.g.
This is quite similar in nature to how malware analysis reports will often have a set of heuristics at the top of it which makes it easy to get a holistic view into the malware analysis. We should create something similar for fuzz-introspector.
The text was updated successfully, but these errors were encountered: